Android Health Connect Vulnerability (DC-2024-0052) – High

2024-11-22

:

An issue in Android’s Health Connect app (CVE-2024-0052) allows unauthorized access to exercise route data. This happens because a permission check is missing, potentially revealing users’ exercise routines to malicious applications.

Vulnerability Details:

Platform: Android
Version: Not specified (all versions before March 2024 security patch)
Vulnerability: Local Information Disclosure (exercise route data)
Severity: High
Date: March 11, 2024 (published), November 21, 2024 (last modified)

What Undercode Says:

This vulnerability exposes users’ exercise routines without requiring any additional privileges or user interaction. It’s crucial to install the latest security patch (March 5, 2024) to address this issue.

Note: This rewrite omits technical details like CVSS scores and references not directly related to the vulnerability itself.

References:

Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image

Scroll to Top